diff --git a/config/action.d/iptables-common.conf b/config/action.d/iptables-common.conf
index dff01362..45819e3d 100644
--- a/config/action.d/iptables-common.conf
+++ b/config/action.d/iptables-common.conf
@@ -49,3 +49,16 @@ blocktype = REJECT --reject-with icmp-port-unreachable
 #          in all (blocking) actions, except REJECT in allowing actions.
 # Values:  STRING
 returntype = RETURN
+
+# Option:  lockingopt
+# Notes.:  Option was introduced to iptables to prevent multiple instances from
+#          running concurrently and causing irratic behavior.  -w was introduced
+#          in iptables 1.4.20, so might be absent on older systems
+#          See https://github.com/fail2ban/fail2ban/issues/1122
+# Values:  STRING
+lockingopt = -w
+
+# Option:  iptables
+# Notes.:  Actual command to be executed, including common to all calls options
+# Values:  STRING
+iptables = iptables <lockingopt>